Oval Definition:oval:org.opensuse.security:def:50762
Revision Date:2020-12-01Version:1
Title:Security update for ucode-intel (Moderate)
Description:

This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for:

- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack' attacks. (bsc#1156353)

Microcode Table:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ HSW C0 6-3c-3/32 00000027->00000028 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5 HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4 HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5 SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2 CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2 SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5 AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8 CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9 CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile

Also contains the Intel CPU Microcode update to 20200520:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Family:unixClass:patch
Status:Reference(s):1062631
1103203
1119947
1134209
1140290
1146025
1152692
1154824
1155094
1155327
1155419
1156353
1157627
1160467
1160468
1160471
1160903
1160905
1162825
1165849
1166881
1167631
1168345
1170441
1172004
1172053
1172189
1172402
1172466
1172795
1172796
1174157
1177914
1177943
935393
CVE-2015-3243
CVE-2018-16884
CVE-2019-13173
CVE-2019-14896
CVE-2019-14897
CVE-2019-15681
CVE-2019-15690
CVE-2019-18348
CVE-2019-18902
CVE-2019-19727
CVE-2019-20788
CVE-2019-9674
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-11501
CVE-2020-12398
CVE-2020-12405
CVE-2020-12406
CVE-2020-12410
CVE-2020-12693
CVE-2020-12802
CVE-2020-12803
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-15999
CVE-2020-1752
CVE-2020-7216
SUSE-SU-2018:1937-2
SUSE-SU-2019:2055-1
SUSE-SU-2020:0264-1
SUSE-SU-2020:0820-1
SUSE-SU-2020:0948-1
SUSE-SU-2020:1164-2
SUSE-SU-2020:1339-1
SUSE-SU-2020:1589-1
SUSE-SU-2020:2995-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libecpg6-9.1.9-0.3 is installed
  • OR libpq5-9.1.9-0.3 is installed
  • OR libpq5-32bit-9.1.9-0.3 is installed
  • OR postgresql91-9.1.9-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND rpcbind-0.1.6+git20080930-6.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • dbus-1-1.8.8-1 is installed
  • OR dbus-1-x11-1.8.8-1 is installed
  • OR libdbus-1-3-1.8.8-1 is installed
  • OR libdbus-1-3-32bit-1.8.8-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • bind-libs-9.9.6P1-30 is installed
  • OR bind-libs-32bit-9.9.6P1-30 is installed
  • OR bind-utils-9.9.6P1-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND facter-2.0.2-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND cifs-utils-6.5-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.14 is installed
  • OR libvncserver0-0.9.10-4.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND ucode-intel-20200602-3.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-7-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-195-default-9-25 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_0-9-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libpython2_7-1_0-32bit-2.7.17-7.38 is installed
  • OR python-2.7.17-7.38 is installed
  • OR python-32bit-2.7.17-7.38 is installed
  • OR python-base-2.7.17-7.38 is installed
  • OR python-base-32bit-2.7.17-7.38 is installed
  • OR python-demo-2.7.17-7.38 is installed
  • OR python-doc-2.7.17-7.38 is installed
  • OR python-doc-pdf-2.7.17-7.38 is installed
  • OR python-idle-2.7.17-7.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • MozillaThunderbird-68.9.0-3.85 is installed
  • OR MozillaThunderbird-translations-common-68.9.0-3.85 is installed
  • OR MozillaThunderbird-translations-other-68.9.0-3.85 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • rsyslog-8.33.1-3.3 is installed
  • OR rsyslog-module-gssapi-8.33.1-3.3 is installed
  • OR rsyslog-module-mysql-8.33.1-3.3 is installed
  • OR rsyslog-module-pgsql-8.33.1-3.3 is installed
  • OR rsyslog-module-relp-8.33.1-3.3 is installed
  • OR rsyslog-module-snmp-8.33.1-3.3 is installed
  • OR rsyslog-module-udpspoof-8.33.1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs8-8.15.1-3.17 is installed
  • OR nodejs8-devel-8.15.1-3.17 is installed
  • OR nodejs8-docs-8.15.1-3.17 is installed
  • OR npm8-8.15.1-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libmysqlclient-devel-10.0.31-29.3 is installed
  • OR libmysqlclient18-10.0.31-29.3 is installed
  • OR libmysqlclient18-32bit-10.0.31-29.3 is installed
  • OR libmysqlclient_r18-10.0.31-29.3 is installed
  • OR libmysqld-devel-10.0.31-29.3 is installed
  • OR libmysqld18-10.0.31-29.3 is installed
  • OR mariadb-10.0.31-29.3 is installed
  • OR mariadb-client-10.0.31-29.3 is installed
  • OR mariadb-errormessages-10.0.31-29.3 is installed
  • OR mariadb-tools-10.0.31-29.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND autofs-5.0.9-21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND shadow-4.2.1-27.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • liblouis-data-2.6.4-6.6 is installed
  • OR liblouis9-2.6.4-6.6 is installed
  • OR python-louis-2.6.4-6.6 is installed
  • OR python3-louis-2.6.4-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • freetype2-2.10.1-4.8 is installed
  • OR freetype2-devel-2.10.1-4.8 is installed
  • OR libfreetype6-2.10.1-4.8 is installed
  • OR libfreetype6-32bit-2.10.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • ghostscript-9.52-3.27 is installed
  • OR ghostscript-devel-9.52-3.27 is installed
  • OR ghostscript-x11-9.52-3.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • bluez-5.48-5.16 is installed
  • OR bluez-cups-5.48-5.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-68.1.1-3.51 is installed
  • OR MozillaThunderbird-translations-common-68.1.1-3.51 is installed
  • OR MozillaThunderbird-translations-other-68.1.1-3.51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libproxy-plugins-0.4.15-4.3 is installed
  • OR libproxy1-config-gnome3-0.4.15-4.3 is installed
  • OR libproxy1-networkmanager-0.4.15-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionmailer-4_2-4.2.9-3.3 is installed
  • OR ruby2.1-rubygem-actionpack-4_2-4.2.9-7.3 is installed
  • OR ruby2.1-rubygem-actionview-4_2-4.2.9-9.3 is installed
  • OR ruby2.1-rubygem-activejob-4_2-4.2.9-3.3 is installed
  • OR ruby2.1-rubygem-activemodel-4_2-4.2.9-6.3 is installed
  • OR ruby2.1-rubygem-activerecord-4_2-4.2.9-6.3 is installed
  • OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.3 is installed
  • OR ruby2.1-rubygem-rails-4_2-4.2.9-3.3 is installed
  • OR ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.3 is installed
  • OR ruby2.1-rubygem-railties-4_2-4.2.9-3.3 is installed
  • OR rubygem-actionmailer-4_2-4.2.9-3.3 is installed
  • OR rubygem-actionpack-4_2-4.2.9-7.3 is installed
  • OR rubygem-actionview-4_2-4.2.9-9.3 is installed
  • OR rubygem-activejob-4_2-4.2.9-3.3 is installed
  • OR rubygem-activemodel-4_2-4.2.9-6.3 is installed
  • OR rubygem-activerecord-4_2-4.2.9-6.3 is installed
  • OR rubygem-activesupport-4_2-4.2.9-7.3 is installed
  • OR rubygem-rails-4_2-4.2.9-3.3 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.3 is installed
  • OR rubygem-railties-4_2-4.2.9-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libmariadb3-3.0.3-3.3 is installed
  • OR mariadb-10.2.15-4.3 is installed
  • OR mariadb-client-10.2.15-4.3 is installed
  • OR mariadb-connector-c-3.0.3-3.3 is installed
  • OR mariadb-errormessages-10.2.15-4.3 is installed
  • OR mariadb-galera-10.2.15-4.3 is installed
  • OR mariadb-tools-10.2.15-4.3 is installed
  • OR xtrabackup-2.4.10-4.3 is installed
    • BACK